ryuk (7)

The Ryuk threat actors have struck again, moving from sending a phishing email to complete encryption across the victim’s network in just five hours. That breakneck speed is partially the result of the gang using the Zerologon privilege-escalation bug (CVE-2020-1472) less than two hours after the initial phish.

The Zerologon vulnerability allows an unauthenticated attacker with network access to a domain controller to completely compromise all Active Directory identity services, according to Mic

Microsoft collaborated with cybersecurity companies and government agencies to take down the million-device Trickbot botnet to help protect the November 3rd US Presidential election and stop the global spread of ransomware and other malware. The botnet has been used to distribute a variety of malicious code, including the Ryuk ransomware variant, which the US government has cited as a potential threat vector against the election.

Microsoft obtained a court order from the US District Court, East

The current US administration is signaling it will be updating the US government’s approach to its maritime cybersecurity strategy. Cyber security priorities are being discussed to enhance and secure the US’ ability to ‘project power at sea and defend against adversarial cyberattacks.’ The plan involves a re-examination of the national approach to information sharing and better emphasizing the use of operational technologies in ports.

Hackers at all tier levels have long targeted shipping fir

On June 23, 2020, the US Federal Bureau of Investigation sent out a security alert to K-12 schools about the increase in ransomware attacks during the coronavirus (COVID-19) pandemic, especially about ransomware gangs that abuse remote desktop connections to break into school systems.

The alert, called a Private Industry Notification, or PIN, tells schools that "cyber actors are likely to increase targeting of K-12 schools during the COVID-19 pandemic because they represent an opportunistic targe

The City of Durham, North Carolina has shut down its network after suffering a cyberattack by the Ryuk Ransomware on 07 March 2020. Local media reports that the city fell victim to a phishing attack that ultimately led to the deployment of the Ryuk Ransomware on their systems. Ryuk was developed by a Russian hacker group and finds its way into a network once someone opens a malicious email attachment. Once deployed, Ryuk can spread across network servers through file shares to individual compu

https://research.checkpoint.com/ryuk-ransomware-targeted-campaign-break/

Our UK partners have shared an important report on Ryuk Malware.

Ryuk was first seen in August 2018 and has been responsible for multiple attacks globally. Ryuk is a targeted ransomware where demands are set according to the victim’s perceived ability to pay.

The Ryuk ransomware is often not observed until a period of time after the initial infection – ranging from days to months – which allows the actor time to carry out re